Ask Leo! #711 – Why Does My IP Address Have a Bad Reputation? And What Do I Do?

This Week

Featured: Think you have a bad reputation? Think again.

Also this week: CRC Errors and how to deal with one secenario, and the mystery of the disappearing recycle bin.

Big change to memberships. I spent a good part of the weekend completing the cleanup of our membership system. The short version is that everything that used to be on members.askleo.com has been moved to askleo.com itself. That means if you had a membership to book-related bonuses or other content on members.askleo.com you can now access it via askleo.com.

There's a lot more information here. If you had a members.askleo.com account please read that page.

Bottom line: from here on out you only need one account - your askleo.com account.

I apologize for all the confusion that lead us here, and I really, really appreciate your patience while I cleaned it all up.

Your support helps! Here are all the ways you can help. And while I'm at it, here are all the different ways to get Ask Leo! (Whew! There's a bunch!)

Why Does My IP Address Have a Bad Reputation? And What Do I Do?

(skip)

I found on Cisco's Talos blog that my email reputation is “poor.” Apparently my IP address has been sending lots of email. But I haven't! I have several computing devices: macOS 10.13.4, Windows 8.1 fully updated running Avast Free with weekly scans and a recent boot-time scan; MalwareBytes free with recent full “threat scan.” My wife uses a Chromebook (up-to-date). I use an iPad 2 and an iPhone 7 (both running iOS 11). Sometimes I use older iPhones (a 4S and a 5S). I have no IoT devices other than the router, a Pepwave Surf SOHO MK3. Pepwave says their routers are not affected by VPNFilter. I use a VPN most of the time on my portable devices, even at home. But not the Windows machine. Sometimes my Windows machine slows down, then recovers. My Windows hard drive often runs and runs. Other times, it times out, as expected. My ISP is TimeWarnerCable. I'm surprised they haven't contacted me. Is there something I can to do detect outgoing traffic (including, but not restricted to, spam)?

I think it's very unlikely you are sending spam. Possible, sure, but based on your description, you seem to have things well in hand.

It's important to realize that you are not necessarily your IP address.

It's also important not to read too much into anyone's reputation report.

Reputation report

The Cisco Talos reputation center is an interesting service. Enter an internet IP address and it will tell you an assortment of information about it, including a rough idea of where it is, which ISP owns the IP address, and more.

Here's a look at the reputation of my own IP address here at home.

IP Reputation Report

You can see that Comcast is my ISP, that the IP address is associated with Redmond, WA (about five miles south of my location), and that my email reputation is “poor”.

Wait. What? Poor?

Yes, my reputation, like yours, is poor.

But it's nothing to worry about.

Email reputation

If you look more closely at the report, you'll also see that the Email Volume is 0, and that there's been no spam sent for the last month. (The same is true for the report sent with the question.)

My interpretation of my “poor” reputation is simply this:

  • Lack of information (i.e., there's no email recorded as coming from my IP address) is a negative thing.
  • That I'm on a dynamic rather than static IP is a negative thing.
  • That I'm not actually a hosting company, but rather an individual home or small business, is a negative thing.

Looking at it another way, since there's nothing really good to say about my IP address, the default is to classify it as “poor”. We'll see why in a moment.

But I do send email

The most confusing thing is that the email volume shown for the last month is zero.

My Email Volume

Trust me, I send email. Between my wife, myself, and others, we send a lot of email.

The difference is that our computers don't act like mail servers. Email from our computers is sent to exactly one location: our email service provider. When we send email using a program on our computers:

  • The program connects to our email provider using the SMTP settings we've configured.
  • It authenticates that we have an account with that email provider.
  • The provider accepts the mail we have to send.
  • The provider then sends each individual message on to its final destination.

(If you use your web browser to send email using webmail services — like Outlook.com, Gmail, Yahoo! Mail, or others — your computer and your IP address aren't sending email at all. You're just viewing and interacting with web pages. All the emailing happens on servers belonging to the webmail service.)

As far as reputation services go, you're not sending email at all — not directly. Your email service provider is doing it for you.

It's not your IP address (for long)

Unless you've made special arrangements with your ISP (which usually involves paying them extra money), your IP address is “dynamic”, which means it changes from time to time.

When you get a new IP address, you inherit the reputation of whoever was using it before you. Depending on how frequently the IP address changes, that could include the reputation of whoever had it before them, and before them, and before them, and so on.

In the world of spam detection and reputation, dynamic IP addresses have poorer reputations because there's less accountability. Any misbehavior you perform on today's assigned IP address could be harder to track down if your IP address changes tomorrow.

This is not an issue, though, since you're not a mail server. You're sending email to only one location: your email service provider. It's their reputation that matters. This is why you had to configure your SMTP settings with your account username and password: your email program has to login when sending your email to them for delivery. Your email provider needs to know you're a customer and not a random spammer. Even if you do start sending spam, they know exactly which account — not IP address — to blame it on.

An email server in your home

If you did, indeed, run your own email server in your own home (or place of business), the reputation of your IP address might come into play. The servers to which your mail server would connect would use that information to help determine whether the email they receive from your server should be classified as spam or blocked altogether.

But you don't run an email server. At most, you run an email program, like Thunderbird, or Microsoft Office Outlook, or something similar, which is configured to send email through your ISP or other email service provider. It's their email servers you actually use.

And they're the ones whose reputation matters.

Why “poor” is good

In 99% of all homes, and probably even most small businesses, email shouldn't be sent from your IP address directly. It should go through your email service provider or ISP.

If email did start coming directly from your IP address, that could well be a sign of a problem. “Poor” is the right way to characterize the reputation. Any email server receiving email directly from your IP address and not another email server should seriously consider treating it as spam.

And stopping spam is a good thing.

What I do

While all the information about an IP address can be interesting, I ignore the reputation of whatever my currently-assigned home IP address might be. It simply doesn't apply — especially when the email volume is zero, which is exactly what I'd expect for almost all homes.

If, on the other hand, the email volume was listed as something other than zero, I might look more closely. That could be a sign that malware on my machine was sending email. Even then, I'd reserve judgement and not panic until I understood the situation more clearly.

Related Links & Comments: Why Does My IP Address Have a Bad Reputation? And What Do I Do?
https://askleo.com/47454

Ad-Free Ask Leo!

Support Ask Leo! and enjoy an ad-free experience whenever you visit askleo.com.

Become a patron for as little as $2/month (or $24/year) for Ad Free Ask Leo!.

Thanks!

Leo

No Ads

How Do I Fix a Cyclic Redundancy Check Error When I Try to Copy a File?

Outlook started acting up, so as part of my attempts to fix it I tried to copy the PST to another location. The copy failed part way through with a cyclic redundancy check error. How can I get past this and back up my data?

A cyclic redundancy check, or “CRC” error, indicates a bad spot on your hard drive. The fact that you see it when trying to copy a file indicates the bad spot may be within the file itself.

We need to verify that, try to recover your file, and repair your hard drive.

Then we need to learn from this.

Continue Reading: How Do I Fix a Cyclic Redundancy Check Error When I Try to Copy a File?
https://askleo.com/2935

Where's the Recycle Bin on My USB Drive?

I had a file on a USB pen drive I accidentally deleted. I went to the Recycle Bin folder to recover it. But the file was not there. Luckily the file was not very important. I have experimented with deleting files on the USB pen drive and it appears the deleted files do not go to the Recycle Bin. Where do the files go? Is it possible to undo a delete from a USB pen drive?

As you've found out, there's not always a Recycle Bin. I've also seen it be present but go unused.

It's confusing and surprising, but the Recycle Bin seems to be used inconsistently across versions of Windows, at least
when it comes to what Windows considers to be a “removable” device.

Continue Reading: Where's the Recycle Bin on My USB Drive?
https://askleo.com/3508

The Ask Leo! Tip of the Day

A feature exclusively available to Ask Leo! Patrons Bronze level & above.

More Ask Leo!

Tech Enthusiast Hour: I'm one of the regular hosts of the weekly Tech Enthusiast Hour podcast! Join us as we discuss the latest news & tech goings on. More information at tehpodcast.com!

Become a Patron
Ask Leo! Books
Facebook - YouTube - More..

Leo's Other Projects....

HeroicStories Since 1999, HeroicStories brings diverse, international voices to the world ' reminding us that people are good, that individuals and individual action matter. Stories - new and old - are published twice a week.

Not All News Is Bad - Each day I look for one story in the current news of the day with a positive bent. Just one. And I share it.

leo.notenboom.org - My personal blog. Part writing exercise, part ranting platform, it's where I write about anything and everything and nothing at all.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at https://newsletter.askleo.com for their own FREE subscription!

Newsletter contents Copyright © 2018,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC